For Microsoft, the merging of the metaverse and the business world is inevitable, and therefore, something to be prepared for – especially from a security perspective.
In a blog post written by Charlie Bell, the company’s Executive Vice President for Security, Compliance, Identity, and Management, the company notes that the metaverse, just as any other quantum leap in technology, brings with it various fraudsters, wheelers-dealers, and other suspicious-looking types.
“There is an inherent social engineering advantage with the novelty of any new technology,” Bell says, anticipating that the Business Email Compromise (BEC) attack, for example, could transform into something like a Business Avatar Compromise.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
A familiar face
“In the metaverse, fraud and phishing attacks targeting your identity could come from a familiar face – literally – like an avatar who impersonates your coworker, instead of a misleading domain name or email address,” he continues. In other words, when you put on your business VR headset and go meet your boss – you might instead be meeting a fraudster looking to steal your money.
The metaverse is still taking baby steps, but as with any other technology – adoption moves first slowly, then suddenly. It’s high time, Bell argues, to create a solid cybersecurity foundation for a new way of working and collaborating.
“We have one chance at the start of this era to establish specific, core security principles that foster trust and peace of mind for metaverse experiences,” he continues.
The metaverse is a great opportunity to boost productivity – one we shouldn't miss, he adds.
“If we miss this opportunity, we’ll needlessly deter the adoption of technologies with great potential for improving accessibility, collaboration and business. The security community must work together to build a foundation to safely work, shop and play.”
That being said, Bell calls for absolute unity among companies – including rivals, as they work on these foundations.
“We’ve long known that security is a team sport, and no single vendor, product or technology can go it alone in protection.” Solving for identity in the metaverse is a “top concern”, he claims, adding that transparency and interoperability need to be sewn deeply into the fabric of the metaverse, if the technology is to take off, properly.
“Let’s make the lessons we’ve learned about identity, transparency and the security community’s powerful collaboration our top ideals to enable this next wave of technology to reach its full potential,” Bell finishes.